D 2024

“These results must be false”: A usability evaluation of constant-time analysis tools

FOURNÉ, Marcel, Daniel DE ALMEIDA BRAGA, Ján JANČÁR, Mohamed SABT, Peter SCHWABE et al.

Basic information

Original title

“These results must be false”: A usability evaluation of constant-time analysis tools

Authors

FOURNÉ, Marcel, Daniel DE ALMEIDA BRAGA, Ján JANČÁR (703 Slovakia, guarantor, home institution), Mohamed SABT, Peter SCHWABE, Gilles BARTHE, Pierre-Alain FOUQUE and Yasemin ACAR

Publication

Philadelphia, PA, US. Philadelphia, US, 33rd USENIX Security Symposium, pp. 6705-6722, 18 pp. 2024

Publisher

USENIX Association

Further information

Language

English

Result type

Paper in conference proceedings

Field

10201 Computer sciences, information science, bioinformatics

Country of publisher

United States

Confidentiality

not subject to state or trade secrecy

Form of publication

electronic version "online"

Links

Organizational unit

Faculty of Informatics

ISBN

978-1-939133-44-1

Keywords in English

constant-time; timing attacks; crypto library; survey; developer survey; user study; usable security; human factors; cryptography

Tags

International significance, Reviewed
Changed: 8. 10. 2024 18:15, RNDr. Ján Jančár

Abstract

In the original

Cryptography secures our online interactions, transactions, and trust. To achieve this goal, not only do the cryptographic primitives and protocols need to be secure in theory, they also need to be securely implemented by cryptographic library developers in practice. However, implementing cryptographic algorithms securely is challenging, even for skilled professionals, which can lead to vulnerable implementations, especially to side-channel attacks. For timing attacks, a severe class of side-channel attacks, there exist a multitude of tools that are supposed to help cryptographic library developers assess whether their code is vulnerable to timing attacks. Previous work has established that despite an interest in writing constant-time code, cryptographic library developers do not routinely use these tools due to their general lack of usability. However, the precise factors affecting the usability of these tools remain unexplored. While many of the tools are developed in an academic context, we believe that it is worth exploring the factors that contribute to or hinder their effective use by cryptographic library developers. To assess what contributes to and detracts from usability of tools that verify constant-timeness (CT), we conducted a two-part usability study with 24 (post) graduate student participants on 6 tools across diverse tasks that approximate real-world use cases for cryptographic library developers. We find that all studied tools are affected by similar usability issues to varying degrees, with no tool excelling in usability, and usability issues preventing their effective use. Based on our results, we recommend that effective tools for verifying CT need usable documentation, simple installation, easy to adapt examples, clear output corresponding to CT violations, and minimal noninvasive code markup. We contribute first steps to achieving these with limited academic resources, with our documentation, examples, and installation scripts.

Related projects

MUNI/A/1586/2023, MU internal code
Title: Applied research at FI: Forensic aspects of critical infrastructures, applied cryptography, cybersecurity exercises, scheduling algorithms in logistics and for processing data from physical sensors
Investor: Masaryk University, Applied research at FI: Forensic aspects of critical infrastructures, applied cryptography, cybersecurity exercises, scheduling algorithms in logistics and for processing data from physical sensors
VJ02010010, R&D project
Title: Tools for AI-enhanced Security Verification of Cryptographic Devices (Acronym: AI-SecTools)
Investor: Ministry of the Interior of the Czech Republic, Tools for AI-enhanced Security Verification of Cryptographic Devices